Split start triaging from confirm activity. (f48b92a5) · Commits · e / os / android_packages_apps_PackageInstaller

AndroidManifest.xml

+8 −6

Original line number	Diff line number	Diff line
		@@ -29,8 +29,8 @@
		android:defaultToDeviceProtectedStorage="true"
		android:directBootAware="true">

		<activity android:name=".PackageInstallerActivity"
		android:configChanges="orientation\|keyboardHidden\|screenSize"
		<activity android:name=".InstallStart"
		android:exported="true"
		android:excludeFromRecents="true">
		<intent-filter>
		<action android:name="android.intent.action.VIEW" />
		@@ -53,6 +53,12 @@
		</intent-filter>
		</activity>

		<activity android:name=".InstallStaging"
		android:exported="false" />

		<activity android:name=".PackageInstallerActivity"
		android:exported="false" />

		<activity android:name=".InstallInstalling"
		android:theme="@style/DialogWhenLargeNoAnimation"
		android:exported="false" />
		@@ -65,10 +71,6 @@
		android:theme="@style/DialogWhenLargeNoAnimation"
		android:exported="false" />

		<activity android:name=".InstallStaging"
		android:theme="@style/DialogWhenLargeNoAnimation"
		android:exported="false" />

		<activity android:name=".UninstallerActivity"
		android:configChanges="orientation\|keyboardHidden\|screenSize"
		android:excludeFromRecents="true"

src/com/android/packageinstaller/InstallStaging.java

+1 −0

Original line number	Diff line number	Diff line
		@@ -211,6 +211,7 @@ public class InstallStaging extends Activity {
		installIntent.setData(Uri.fromFile(mStagedFile));
		installIntent
		.setFlags(installIntent.getFlags() & ~Intent.FLAG_ACTIVITY_FORWARD_RESULT);
		installIntent.addFlags(Intent.FLAG_ACTIVITY_NO_ANIMATION);
		startActivityForResult(installIntent, 0);
		} else {
		showError();

src/com/android/packageinstaller/InstallStart.java

0 → 100644

+162 −0

Original line number	Diff line number	Diff line
		/*
		* Copyright (C) 2016 The Android Open Source Project
		*
		* Licensed under the Apache License, Version 2.0 (the "License");
		* you may not use this file except in compliance with the License.
		* You may obtain a copy of the License at
		*
		* http://www.apache.org/licenses/LICENSE-2.0
		*
		* Unless required by applicable law or agreed to in writing, software
		* distributed under the License is distributed on an "AS IS" BASIS,
		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		* See the License for the specific language governing permissions and
		* limitations under the License.
		*/

		package com.android.packageinstaller;

		import android.annotation.Nullable;
		import android.app.Activity;
		import android.app.ActivityManagerNative;
		import android.content.Intent;
		import android.content.pm.ApplicationInfo;
		import android.content.pm.PackageInstaller;
		import android.content.pm.PackageManager;
		import android.content.pm.VerificationParams;
		import android.net.Uri;
		import android.os.Bundle;
		import android.util.Log;

		/**
		* Select which activity is the first visible activity of the installation and forward the intent to
		* it.
		*/
		public class InstallStart extends Activity {
		private static final String LOG_TAG = InstallStart.class.getSimpleName();

		private static final String SCHEME_CONTENT = "content";

		@Override
		protected void onCreate(@Nullable Bundle savedInstanceState) {
		super.onCreate(savedInstanceState);

		Intent intent = getIntent();
		String callingPackage = getCallingPackage();
		ApplicationInfo sourceInfo = getSourceInfo(callingPackage);
		int originatingUid = getOriginatingUid(sourceInfo);

		Intent nextActivity = new Intent(intent);
		nextActivity.addFlags(Intent.FLAG_ACTIVITY_FORWARD_RESULT);

		// The the installation source as the nextActivity thinks this activity is the source, hence
		// set the originating UID and sourceInfo explicitly
		nextActivity.putExtra(PackageInstallerActivity.EXTRA_CALLING_PACKAGE, callingPackage);
		nextActivity.putExtra(PackageInstallerActivity.EXTRA_ORIGINAL_SOURCE_INFO, sourceInfo);
		nextActivity.putExtra(Intent.EXTRA_ORIGINATING_UID, originatingUid);

		if (PackageInstaller.ACTION_CONFIRM_PERMISSIONS.equals(intent.getAction())) {
		nextActivity.setClass(this, PackageInstallerActivity.class);
		} else {
		Uri packageUri = intent.getData();

		if (packageUri == null) {
		// if there's nothing to do, quietly slip into the ether
		Intent result = new Intent();
		result.putExtra(Intent.EXTRA_INSTALL_RESULT,
		PackageManager.INSTALL_FAILED_INVALID_URI);
		setResult(RESULT_FIRST_USER, result);

		nextActivity = null;
		} else {
		if (packageUri.getScheme().equals(SCHEME_CONTENT)) {
		nextActivity.setClass(this, InstallStaging.class);
		} else {
		nextActivity.setClass(this, PackageInstallerActivity.class);
		}
		}
		}

		if (nextActivity != null) {
		startActivity(nextActivity);
		}
		finish();
		}

		/**
		* @return the ApplicationInfo for the installation source (the calling package), if available
		*/
		private ApplicationInfo getSourceInfo(@Nullable String callingPackage) {
		if (callingPackage != null) {
		try {
		return getPackageManager().getApplicationInfo(callingPackage, 0);
		} catch (PackageManager.NameNotFoundException ex) {
		// ignore
		}
		}
		return null;
		}

		/**
		* Get the originating uid if possible, or VerificationParams.NO_UID if not available
		*
		* @param sourceInfo The source of this installation
		*
		* @return The UID of the installation source or VerificationParams.NO_UID
		*/
		private int getOriginatingUid(@Nullable ApplicationInfo sourceInfo) {
		// The originating uid from the intent. We only trust/use this if it comes from a
		// system application
		int uidFromIntent = getIntent().getIntExtra(Intent.EXTRA_ORIGINATING_UID,
		VerificationParams.NO_UID);

		// Get the source info from the calling package, if available. This will be the
		// definitive calling package, but it only works if the intent was started using
		// startActivityForResult,
		if (sourceInfo != null) {
		if (uidFromIntent != VerificationParams.NO_UID &&
		(sourceInfo.privateFlags & ApplicationInfo.PRIVATE_FLAG_PRIVILEGED) != 0) {
		return uidFromIntent;

		}
		// We either didn't get a uid in the intent, or we don't trust it. Use the
		// uid of the calling package instead.
		return sourceInfo.uid;
		}

		// We couldn't get the specific calling package. Let's get the uid instead
		int callingUid;
		try {
		callingUid = ActivityManagerNative.getDefault()
		.getLaunchedFromUid(getActivityToken());
		} catch (android.os.RemoteException ex) {
		Log.w(LOG_TAG, "Could not determine the launching uid.");
		// nothing else we can do
		return VerificationParams.NO_UID;
		}

		// If we got a uid from the intent, we need to verify that the caller is a
		// privileged system package before we use it
		if (uidFromIntent != VerificationParams.NO_UID) {
		String[] callingPackages = getPackageManager().getPackagesForUid(callingUid);
		if (callingPackages != null) {
		for (String packageName: callingPackages) {
		try {
		ApplicationInfo applicationInfo =
		getPackageManager().getApplicationInfo(packageName, 0);

		if ((applicationInfo.privateFlags & ApplicationInfo.PRIVATE_FLAG_PRIVILEGED)
		!= 0) {
		return uidFromIntent;
		}
		} catch (PackageManager.NameNotFoundException ex) {
		// ignore it, and try the next package
		}
		}
		}
		}
		// We either didn't get a uid from the intent, or we don't trust it. Use the
		// calling uid instead.
		return callingUid;
		}
		}

src/com/android/packageinstaller/PackageInstallerActivity.java

+8 −105

Original line number	Diff line number	Diff line
		@@ -17,7 +17,6 @@
		package com.android.packageinstaller;

		import android.app.Activity;
		import android.app.ActivityManagerNative;
		import android.app.AlertDialog;
		import android.app.Dialog;
		import android.content.Context;
		@@ -67,10 +66,10 @@ public class PackageInstallerActivity extends Activity implements OnCancelListen
		private static final int REQUEST_ENABLE_UNKNOWN_SOURCES = 1;

		private static final String SCHEME_FILE = "file";
		private static final String SCHEME_CONTENT = "content";
		private static final String SCHEME_PACKAGE = "package";

		private static final String EXTRA_ORIGINAL_SOURCE_INFO = "EXTRA_ORIGINAL_SOURCE_INFO";
		static final String EXTRA_CALLING_PACKAGE = "EXTRA_CALLING_PACKAGE";
		static final String EXTRA_ORIGINAL_SOURCE_INFO = "EXTRA_ORIGINAL_SOURCE_INFO";

		private int mSessionId = -1;
		private Uri mPackageURI;
		@@ -83,6 +82,7 @@ public class PackageInstallerActivity extends Activity implements OnCancelListen
		UserManager mUserManager;
		PackageInstaller mInstaller;
		PackageInfo mPkgInfo;
		String mCallingPackage;
		ApplicationInfo mSourceInfo;

		// ApplicationInfo object primarily used for already existing applications
		@@ -325,8 +325,7 @@ public class PackageInstallerActivity extends Activity implements OnCancelListen
		}

		private boolean isInstallRequestFromUnknownSource(Intent intent) {
		String callerPackage = getCallingPackage();
		if (callerPackage != null && intent.getBooleanExtra(
		if (mCallingPackage != null && intent.getBooleanExtra(
		Intent.EXTRA_NOT_UNKNOWN_SOURCE, false)) {
		if (mSourceInfo != null) {
		if ((mSourceInfo.privateFlags & ApplicationInfo.PRIVATE_FLAG_PRIVILEGED)
		@@ -399,15 +398,10 @@ public class PackageInstallerActivity extends Activity implements OnCancelListen

		final Intent intent = getIntent();

		// This activity might have been started by InstallStaging. In this case recover
		// the info from the app that initiated the install request
		if (getPackageName().equals(getCallingPackage())) {
		mSourceInfo = getIntent().getParcelableExtra(EXTRA_ORIGINAL_SOURCE_INFO);
		} else {
		mSourceInfo = getSourceInfo();
		}

		mOriginatingUid = getOriginatingUid(intent);
		mCallingPackage = intent.getStringExtra(EXTRA_CALLING_PACKAGE);
		mSourceInfo = intent.getParcelableExtra(EXTRA_ORIGINAL_SOURCE_INFO);
		mOriginatingUid = intent.getIntExtra(Intent.EXTRA_ORIGINATING_UID,
		VerificationParams.NO_UID);

		final Uri packageUri;

		@@ -514,11 +508,6 @@ public class PackageInstallerActivity extends Activity implements OnCancelListen
		}
		}

		@Override
		protected void onDestroy() {
		super.onDestroy();
		}

		/**
		* Parse the Uri and set up the installer for this package.
		*
		@@ -567,21 +556,6 @@ public class PackageInstallerActivity extends Activity implements OnCancelListen
		mAppSnippet = PackageUtil.getAppSnippet(this, mPkgInfo.applicationInfo, sourceFile);
		} break;

		case SCHEME_CONTENT: {
		Intent installStaging = new Intent(getIntent());
		installStaging.setClass(this, InstallStaging.class);

		// Store UID which might not be set in original intent
		installStaging.putExtra(Intent.EXTRA_ORIGINATING_UID, mOriginatingUid);

		// Store source info as when called back the source is the packageinstaller
		installStaging.putExtra(EXTRA_ORIGINAL_SOURCE_INFO, mSourceInfo);
		installStaging.addFlags(Intent.FLAG_ACTIVITY_FORWARD_RESULT);
		startActivity(installStaging);
		finish();
		return false;
		}

		default: {
		Log.w(TAG, "Unsupported scheme " + scheme);
		setPmResult(PackageManager.INSTALL_FAILED_INVALID_URI);
		@@ -593,77 +567,6 @@ public class PackageInstallerActivity extends Activity implements OnCancelListen
		return true;
		}

		/** Get the ApplicationInfo for the calling package, if available */
		private ApplicationInfo getSourceInfo() {
		String callingPackage = getCallingPackage();
		if (callingPackage != null) {
		try {
		return mPm.getApplicationInfo(callingPackage, 0);
		} catch (NameNotFoundException ex) {
		// ignore
		}
		}
		return null;
		}


		/** Get the originating uid if possible, or VerificationParams.NO_UID if not available */
		private int getOriginatingUid(Intent intent) {
		// The originating uid from the intent. We only trust/use this if it comes from a
		// system application
		int uidFromIntent = intent.getIntExtra(Intent.EXTRA_ORIGINATING_UID,
		VerificationParams.NO_UID);

		// Get the source info from the calling package, if available. This will be the
		// definitive calling package, but it only works if the intent was started using
		// startActivityForResult,
		if (mSourceInfo != null) {
		if (uidFromIntent != VerificationParams.NO_UID &&
		(mSourceInfo.privateFlags & ApplicationInfo.PRIVATE_FLAG_PRIVILEGED) != 0) {
		return uidFromIntent;

		}
		// We either didn't get a uid in the intent, or we don't trust it. Use the
		// uid of the calling package instead.
		return mSourceInfo.uid;
		}

		// We couldn't get the specific calling package. Let's get the uid instead
		int callingUid;
		try {
		callingUid = ActivityManagerNative.getDefault()
		.getLaunchedFromUid(getActivityToken());
		} catch (android.os.RemoteException ex) {
		Log.w(TAG, "Could not determine the launching uid.");
		// nothing else we can do
		return VerificationParams.NO_UID;
		}

		// If we got a uid from the intent, we need to verify that the caller is a
		// privileged system package before we use it
		if (uidFromIntent != VerificationParams.NO_UID) {
		String[] callingPackages = mPm.getPackagesForUid(callingUid);
		if (callingPackages != null) {
		for (String packageName: callingPackages) {
		try {
		ApplicationInfo applicationInfo =
		mPm.getApplicationInfo(packageName, 0);

		if ((applicationInfo.privateFlags & ApplicationInfo.PRIVATE_FLAG_PRIVILEGED)
		!= 0) {
		return uidFromIntent;
		}
		} catch (NameNotFoundException ex) {
		// ignore it, and try the next package
		}
		}
		}
		}
		// We either didn't get a uid from the intent, or we don't trust it. Use the
		// calling uid instead.
		return callingUid;
		}

		@Override
		public void onBackPressed() {
		if (mSessionId != -1) {